Are there a bunch of crazed woodland creatures passing away their time hacking and not hibernating?

Serious side: Java has been and is known for running on most architectures and being able to affect them. An exploit on a SPARC64 machine can be used to control i386 clients. Did the particular developer of the code in question test it for vulnerabilities?
Sometimes there should be more people like deRaadt when it comes to code.

Oracle released an emergency patch for Java, but security experts warn the patch doesn't fix all critical vulnerabilities. Not counting future Java exploits, the current Java bugs may take '2 years' to fully fix. In fact, US-CERT advises, "Unless it is absolutely necessary to run Java in web browsers, disable it, even after updating to 7u11."

__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

To be clear, the security flaw affects JRE as well as the JRE plugin; the press is focused on the plugin but if I understand the problem there is still a risk with JRE (non-plugin) if it is used as a Client in a Client/Server HTML application.